Anyone know why this forum has been hit with a dozen or so purported American college football live-stream spams today? (Other than that it's the first weekend of the season.) Glad it's only this one; but is there any way to do automatic blocking? The links supposedly point to PDFs on various sites, but you couldn't pay me to click on one and find out where it really goes.

Thanks, Katherine. I just loathe that kind of "marketing." Actually, I don't care much for any marketing (except of course publicity for my books ), but that sort of stuff doesn't even deserve the name "marketing," IMO. Thus I tend to get a little too worked up about it. Thanks for removing the junk! Hope there won't be any more.

Some forum software will automatically block posts with only links for content. Don't know if that's possible with our software or not.

Katherine

phpBB comes with the ability to add a question in the register process that a bot can't figure out. It doesn't have to be hard - something that the registering (live) person would easily know (so it doesn't stop them registering). On another board I belong to, this has stopped spammers absolutely cold. And it's much better than "captcha" which makes my eyes hurt (but doesn't stop bots).Or, there's Bad Behavior, which is magic and effective but a bit more geeky to install.

How the heck are all the bots getting though the captcha? I barely pass as human and I know I'm ... well, I guess maybe i don't know that I'm human. Hmm...

Just a little humor...

Jaysen

I have a wife and 2 kids that I can only attribute to a wiggle, a giggle, and the realization that she was out of my league so I might as well be happy with her as a friend. 24 years marriage later, I can't imagine life without her. -Me 10/7/09

That's what I'd love to know! I've been through all of the captcha options we have at this point, including Google's vaunted oh-so-fancy-knows-if-you're-human (which basically boils down to: does your browser have a big fat dossier attached to it back at Google's data mining headquarters) stuff and it makes no difference. I've gone back to a question and answer, though this time with something a little less obvious than "What software do we sell?".

On top of that we also use a central database of known bad addresses, IPs and usernames, which does block a fair amount going by the logs, but an annoying percentage still slip through that.

One interesting pattern I have spotted is that they seem to be triggered off of WordPress activity. We post a blog article and they all activate and start spamming on phpBB. Curious how they are piggybacking in like that, I suppose any sort of "ping" the site might make to public feeds that indicates its not a dead site might do the trick though.

.:.Ioa Petra'ka“Whole sight, or all the rest is desolation.” —John Fowles

There has to be an API hole that's letting them create accounts directly. That's tha only explanation. Even a botnet would need to pass captcha which should trigger a boat load of fails. I'm too lazy to look, but has phpBB been releasing any updates?

Jaysen

I have a wife and 2 kids that I can only attribute to a wiggle, a giggle, and the realization that she was out of my league so I might as well be happy with her as a friend. 24 years marriage later, I can't imagine life without her. -Me 10/7/09

In the meantime, is it possible to configure it so that any posts that only contain links get rejected? It won't stop the accounts from forming but it might at least give us some respite from having to see the actual posts.